From: Christopher Faulet Date: Mon, 16 Nov 2020 15:03:35 +0000 (+0100) Subject: BUG/MINOR: http-ana: Don't wait for the body of CONNECT requests X-Git-Tag: v2.4-dev1~40 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=63c69a9b4ef1136c66967463b9e4b3538e35c016;p=thirdparty%2Fhaproxy.git BUG/MINOR: http-ana: Don't wait for the body of CONNECT requests CONNECT requests are bodyless messages but with no EOM blocks. Thus, conditions to stop waiting for the message payload are not suited to this kind of messages. Indeed, the message finishes on an EOH block. But the tunnel mode at the stream level is only set in HTTP_XFER_BODY analyser. So, the stream is blocked, waiting for a body that does not exist till a timeout expires. To fix this bug, we just stop waiting for a body for CONNECT requests. Another solution is to rely on HTX_SL_F_BODYLESS/HTTP_MSGF_BODYLESS flags. But this one is less intrusive. This message must be backported as far as 2.0. For the 2.0, only the HTX part must be fixed. --- diff --git a/src/http_ana.c b/src/http_ana.c index 4963b8f2f9..9e17082882 100644 --- a/src/http_ana.c +++ b/src/http_ana.c @@ -1044,6 +1044,10 @@ int http_wait_for_request_body(struct stream *s, struct channel *req, int an_bit if (htx->flags & HTX_FL_PROCESSING_ERROR) goto return_int_err; + /* CONNECT requests have no body */ + if (txn->meth == HTTP_METH_CONNECT) + goto http_end; + if (msg->msg_state < HTTP_MSG_BODY) goto missing_data;